1. Field of the Invention
The present invention relates generally to a computer implemented method, data processing system, and computer program product for setting controls on resource access in data processing systems. More specifically, the present invention relates to changing a security configuration associated with a thread.
2. Description of the Related Art
Security is a core feature of enterprise computing. As computing environments have become more complex, so have the authentication and authorization of security schemes within these environments. Authentication is the process of establishing whether a client is who or what it claims to be in a particular computing environment. A client can be an end-user, a machine, or an application. An authenticated client may rely on one or more applications, each of which may have a different security configuration associated therewith. An authentication mechanism in WebSphere Application Server typically collaborates closely with a user registry.
A user registry is the user and groups account repository that an authentication mechanism consults when performing authentication. The authentication mechanism is responsible for creating a credential, which is an internal product representation of a successfully authenticated client user. Not all credentials are created equally. The abilities of the credential are determined by the configured authentication mechanism.